QUESTION 1
Joe, the Chief Executive Officer (CEO), was an Information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than CompTIA CAS-002 dumps prominent international standards. He has recommended that the company use his cryptographic method.
Which of the following methodologies should be adopted?
A. The company should develop an in-house solution and keep the algorithm a secret.
B. The company should use the CEO’s encryption scheme.
C. The company should use a mixture of both systems to meet minimum standards.
D. The company should use the method recommended by other respected information security organizations.
Correct Answer: D
QUESTION 2
A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company’s security posture quickly with regard to targeted attacks. Which of the following should the CSO conduct FIRST?
A. Survey threat feeds from services inside the same industry.
B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic.
C. Conduct an internal audit against industry best practices to perform a qualitative analysis.
D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor.
Correct Answer: A
QUESTION 3
An administrator wants to CAS-002 vce enable policy based flexible mandatory access controls on an open source OS to prevent abnormal application modifications or executions. Which of the following would BEST accomplish this?
A. Access control lists
B. SELinux
C. IPtables firewall
D. HIPS
Correct Answer: B
QUESTION 4
A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?
A. Client side input validation
B. Stored procedure
C. Encrypting credit card details
D. Regular expression matching
Correct Answer: D
QUESTION 5
A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently funded a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches.
Which of the following statements BEST describes this situation?
A. The CFO is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.
B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.
C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the CFO.
D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.
Correct Answer: D
QUESTION 6
Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the CAS-002 vce proprietary web application before launch. Which of the following is the penetration tester MOST likely to use while performing black box testing of the security of the company’s purchased application? (Select TWO).
A. Code review
B. Sandbox
C. Local proxy
D. Fuzzer
E. Port scanner
Correct Answer: CD
QUESTION 7
A new piece of ransomware got installed on a company’s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?
A. Determining how to install HIPS across all server platforms to prevent future incidents
B. Preventing the ransomware from re-infecting the server upon restore
C. Validating the integrity of the deduplicated data
D. Restoring the data will be difficult without the application configuration
Correct Answer: D
QUESTION 8
The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53?
A. PING
B. NESSUS
C. NSLOOKUP
D. NMAP
Correct Answer: D
QUESTION 9
A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that CAS-002 exam allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO’s requirement?
A. GRC
B. IPS
C. CMDB
D. Syslog-ng
E. IDS
Correct Answer: A
QUESTION 10
Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption. Which of the following solutions minimizes the performance impact on the router?
A. Deploy inline network encryption devices
B. Install an SSL acceleration appliance
C. Require all core business applications to use encryption
D. Add an encryption module to the router and configure IPSec
Correct Answer: A
Read more: https://www.pass4itsure.com/cas-002.html CompTIA CASP is the industry leader in information technology, and getting certified by them is a guaranteed way to succeed with IT careers. We help you do exactly that with our high quality CompTIA CASP CompTIA Advanced Security Practitioner (CASP) training materials.
Reference: https://certification.comptia.org/certifications/comptia-advanced-security-practitioner
Click here to learn more: https://www.braindump4it.com/latest-api-api-571-pdf/